It's been now one month, dozens of emails, countless hours on the phone... Yet, no solution...
We have hundreds of customers using our application, and since late December our emails are going to quarantine.
Well, not quite... We can send emails to aol.com, gmail.com, fastmail.com, freenet.de, hotmail.com, laposte.net, libero.it, outlook.com and several other email providers. But we cannot sent to other Microsoft 365 tenants!
I would understand (but not accept) that Microsoft would block emails from gmail, and gmail to block emails from Microsoft, but it's the first time that I see a provider blocking their own customers to communicate with each other!
We spent countless hours with Microsoft checking SPF, DKIM, DMARC, everything is properly configured. The domain is not blacklist anywhere.
We notice this behavior when we use our domain in the email content (subject or body).
So, if I send an email from firstname.lastname@example.org and in the body I have "mydomain.com" it will be quarantined - reason "Phishing"!
I find this incredible, that as a legit owner of mydomain.com I can send emails to anyone with a link to my website, except to other Microsoft 365 users...
UPDATE: Now I cannot even send the domain name without a link! So far, it was only considered Phishing if I had the link the email, now I cannot even use my signature as Luis from mydomain.com!!!
So far, the only solutions Microsoft proposed was:
1 - ask all clients to add mydomain.com to the safe domains in the Exchange Admin center (I will need to check which customers are using Microsoft 365 and ask hundreds of large companies to apply these changes in their configuration)
2 - send it as an encrypted email - which means, all emails I send will only have a link, the users will need to click on the link, open the browser to read the emails. They will not be able to read the emails in Outlook.
Can't Microsoft simple remove "mydomain.com" from their "phishing" keyword list?